slurpd

NAME

SYNOPSIS

DESCRIPTION

Slurpd is used to propagate changes from one slapd database to another.
If slapd is configured to produce a replication log, slurpd reads that
replication log and sends the changes to the slave slapd instances via
the LDAP protocol. slurpd is typically invoked at boot time, usually
out of /etc/rc.local.
Upon startup, slurpd normally forks and disassociates itself from the
invoking tty, then reads the replication log (given either by the
replogfile directive in the slapd config file, or by the -r command-
line option). If the replication log file does not exist or is empty,
slurpd goes to sleep. It periodically wakes up and checks to see if
there are any changes to be propoagated.
When slurpd notices that there are changes to propagate to slave slapd
instances, it locks the replication log, makes its own private copy,
releases the lock, and forks one copy of itself for each replica slapd
to be updated. Each child process binds to the slave slapd as the DN
given by the binddn option to the replica directive in the slapd config
file, and sends the changes.
See slapd(8) for details on the standalone LDAP daemon.
Note that slurpd reads replication directive from slapd.conf(5), but
uses ldap.conf(5) to obtain other configuration settings (such as TLS
settings).

OPTIONS

-ddebug-level
Turn on debugging as defined by debug-level. If this option is
specified, even with a zero argument, slurpd will not fork or
disassociate from the invoking terminal. Some general operation
and status messages are printed for any value of debug-level.
debug-level is taken as a bit string, with each bit correspond-
ing to a different kind of debugging information. See <ldap.h>
for details.
-fslapd-config-file
Specifies the slapd configuration file. The default is
/etc/openldap/slapd.conf.
-rslapd-replog-file
Specifies the name of the slapd replication logfile. Normally,
the name of the replication log file is read from the slapd con-
figuration file. The file should be located in a directory with
limited read/write/execute access. The -r option allows you to
override this. In conjunction with the -o option, you can pro-
cess a replication log file in a "one-shot" mode. For example,
if slurpd has encountered errors in processing a replication
log, you can run it in one-shot mode and give the rejection file
name as the argument to the -r option, once you’ve resolved the
problem which caused the replication to fail.
-o Run in "one-shot" mode. Normally, slurpd processes the replog
file and then watches for more replication entries to be
appended. In one-shot mode, slurpd processes a replication log
and exits.
-ttemp-dirslurpd copies the replication log to a working directory before
processing it. The directory permissions should limit
read/write/execute access as temporary files may contain sensi-
tive information. This option allows you to specify the loca-
tion of these temporary files. The default is /var/lib/ldap.
-ksrvtab-file
Specify the location of the kerberos srvtab file which contains
keys for the replica slapd instances. Overrides the srvtab
argument to the replica directive in the slapd configuration
file.

EXAMPLES

To start slurpd and have it fork and detach from the terminal and pro-
cess the replication logs generated by slapd, just type:
/usr/sbin/slurpd
To start slurpd with an alternate slapd configuration file, and turn on
voluminous debugging which will be printed on standard error, type:
/usr/sbin/slurpd -f /etc/openldap/slapd.conf -d 255